Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy Security Your Rights Online

Toyota Japan Exposed Data on Millions of Vehicles For a Decade (techcrunch.com) 15

Toyota Japan has apologized after admitting to leaving millions of customers' vehicle details on the public internet for a decade. From a report: The car maker said in a notice that it will notify about 2.15 million customers whose personal and vehicle information were left exposed to the internet after a "cloud misconfiguration" was discovered recently in April. Toyota said that the exposed data includes: registered email addresses; vehicle-unique chassis and navigation terminal numbers; the location of vehicles and what time they were there; and videos from the vehicle's "drive recorder" which records footage from the car. Toyota said the data spilling from its Connected Cloud (TC) was initially exposed in November 2013, but pertains only to vehicles in Japan, according to the company. The company's connected service provides Toyota customers with information about their vehicle, provides in-car entertainment services, and helps to notify authorities in the event of an accident or breakdown.
This discussion has been archived. No new comments can be posted.

Toyota Japan Exposed Data on Millions of Vehicles For a Decade

Comments Filter:
  • Can't trust anyone with security these days. Not even established reputable companies like Toyota.
    • Toyota is reputable?

      https://www.justice.gov/opa/pr... [justice.gov]

      https://www.momscleanairforce.... [momscleanairforce.org]

      I mean, they have "a" reputation, I suppose, but it's not a good one.

    • What do mean these days, when was it the case you could trust people with your data? Before there was data?

      As for self driving cars, one of my concerns is most companies even large companies like Toyota are not very security conscious. They like to appear they are, but a lot of the time its security by obscurity. What happens when a hacker decides to drive every car off the road at high speed at once?

  • liability (Score:5, Interesting)

    by awwshit ( 6214476 ) on Friday May 12, 2023 @09:25AM (#63516409)

    The world needs to make mass data collection like this a liability. If you collect the data and then do something stupid with it, then you pay everyone handsomely. A couple of big events and companies will decide that the spy apparatus is too much of a liability to consider. I hope someone takes Toyota to the cleaners over this.

    The constant data rape from all angles needs to stop. It is possible to provide services that do not involve constant location tracking and central logging.

    • Whether you do something 'stupid' with it or not.... the data makes its way into the world eventually. The problem is not the leak; it is the collection of data that's the problem.
      • > the data makes its way into the world eventually

        Does it? My private home security video will never 'make its way into the world'. The problem is collecting the data in one place under one authority. Another problem is not having a choice about this data collection or its further sharing.

  • I've about (Score:5, Informative)

    by Ol Olsoc ( 1175323 ) on Friday May 12, 2023 @09:50AM (#63516451)
    had the shits of this wonderful "cloud".

    I remember when it was touted as perfectly secure. We even have people praising it today: https://www.tomsguide.com/feat... [tomsguide.com]

    And yet, every day we find out that it is the opposite of secure. Whether it is some sort of "cloud misconfiguration" as Toyota pleads, or some other excuse, the cloud, instead of ushering in a new age of computer privacy, has now turned into an almost perfect system of data acquisition for the bad guys. The cloud allows them to gather the personal information of millions of customers at a time.

    Yet we're admonished about Grandma's computer and her using her pets name as a password. But why bother Grandma's computer when you can get her credit card number right from her bank's "secure cloud along with all their other customers?

    I'd go so far to venture that most of our CC numbers and bank accounts are known to the bad guys now. It's just a matter of them trying to figure out which one to drain at this point.

    • had the shits of this wonderful "cloud".

      It all started when they coined the phrase as a way to obfuscate the concept of "rented servers". Layers and layers of marketing abstraction later, and it's hard not to expect things to be handled poorly.

      • had the shits of this wonderful "cloud".

        It all started when they coined the phrase as a way to obfuscate the concept of "rented servers". Layers and layers of marketing abstraction later, and it's hard not to expect things to be handled poorly.

        And the suits bought right into it.

  • What needs to happen for this shtick to stop is people in charge doing hard time. Issuing apologies at each fucking is not enough incentive for careless companies to start paying attention to the security of the data they demand from their customers.

  • Toyota is clearly a "car company first", unlike some manufacturers that would have you think their a software company. Toyota tends to use old tech too, for example my 2022 Tacoma has absolute shit quality video cameras on it. When I looked into updating them I was shocked to find the system uses NTSC still! (IE: most camera replacement's wont do anything significant since the computer is working with a low-grade signal.)
  • It has a âoe drive recorder which records footage from the car.â So itâ(TM)s filming what â" my drives, or the interior? Why do they think they can just do that? A notice in small print written in Japanese in the back of my ownerâ(TM)s manual does not indicate consent. Whoâ(TM)s ready for a class action?

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...